In this tutorial, you will learn how to create user account using useradd/adduser commands in Linux. User management is one of the most common task in Linux system administration. Creating users, setting up their environments, setting passwords, managing their groups, deleting users etc are all tasks surrounding user management in Linux. Having the ability to manage users in LInux is one of the most paramount basic skill in Linux administration.
Note that user account management in Linux requires elevated privileges; the use of root account or a standard account with sudo rights.
Below is what we are going to cover in regards to user account creation in Linux;
- Create User Account using useradd/adduser commands in Linux
- Create User accounts using useradd command in Linux
- Create User account using adduser command in Linux
- Setting User Account Password in Linux
- Viewing User Account Information in Linux
- Other Related Tutorials
There are various way in which you can create user accounts in Linux. If you are using desktop based system, you can do user account creation from the GUI (or console if you want), while on the headless servers you can do user account creation from the console, here in called the terminal. In this tutorial, we will focus on creating user management in Linux from terminal.
The command line syntax for
useradd utility is;
useradd [-c comment] [-d home-dir] [-e expire-date] [-f inactive-days] [-g default-group] [-G group[,...]] [-m [-k skeleton-dir] | -M] [-p password] [-s shell] [-u UID [-o]] [-r] [-N] username
In its simplest form, you would simply run the useradd as shown below to create a user;
For example, to create an account for user johndoe;
This creates a user account with the default options defined on the
/etc/login.defs file. You can view the defaults from the
passwd database. The useradd command default options are also defined in
getent passwd johndoe
By default, a group will also be created for the new user with the same group ID (GID) as user ID (UID) and same group name as username;
getent group johndoe
You can pass multiple options to the useradd utility to customize your user account during creation. For example, see the command below;
useradd -m -c "Jane Doe" -s /bin/bash -g level1 -G level1,level2 janedoe
Where the options:
-m: tells the useradd command to create user’s home directory (/home/janedoe).
-c: defines a short description of the user, and is currently used as the field for the user’s full name (Jane Doe).
-s: defines a custom user’s login shell, bash is used above. Check /etc/login.defs for the default value, usually /bin/sh
-g: defines a custom primary group for user instead of creating a group similar to login name (username). The group must already be existing.
-G: adds a user to additional groups specified. Groups must also be already existing.
To list the default options defined on the useradd defaults file,
For a complete description of other command line options, refer to
adduser command, unlike
useradd command, helps you to interactively add user account to your linux system. You would simply execute it from your Linux terminal as follows;
For example, to create a user called janedoe;
On Debian based systems, this command will run interactively asking you about various details about the user;
Adding user `janedoe' ...
Adding new group `janedoe' (1002) ...
Adding new user `janedoe' (1001) with group `janedoe' ...
Creating home directory `/home/janedoe' ...
Copying files from `/etc/skel' ...
Retype new password:
passwd: password updated successfully
Changing the user information for janedoe
Enter the new value, or press ENTER for the default
Full Name : Jane Doe
Room Number :
Work Phone :
Home Phone :
Is the information correct? [Y/n] y
Both adduser and useradd commands copies the initial user profile/environment settings defined under the
/etc/skel directory to the user login/home directory.
By default, adduser command uses the default settings defined under
You can specify various options on the command line;
adduser --home /home/janedoe --shell /bin/bash --gecos "" janedoe
On RHEL derivatives, the adduser command is a symbolic link to useradd command and will just run non-interactively as useradd command.
ls -alh /usr/sbin/adduser
lrwxrwxrwx. 1 root root 7 Nov 8 2019 /usr/sbin/adduser -> useradd
Before a user account becomes usable, you need to have set a password for it.
useradd command doesn’t prompt for password.
adduser command however, prompts you to set the password.
You can set/reset user account password using
As as administrator/super user (root), you can set user password as simple as executing the command;
There are other account details you can control using the passwd utility. Read more on
man passwd about the command line options.
As a standard user, you can only reset your own password. While resetting a password, you need to supply your old password.
useradd command, you can specify your password on the command line using the
-p ENCRYPTED_PASSWORD option.
You can generate an encrypted password using openssl or other tools such as crypt.
See example command below to use
passwd command to generate encrypted password.
openssl passwd password
This will generate an hash for
You can then pass this to -p option as the hash;
useradd -m -p QqjgPLfXQD8Zk username
You can simply achieve this using one command;
useradd -m -p $(openssl passwd password) username
There are two files that stores user information records in Linux;
/etc/passwd: Stores general user information such as username, user ID, group ID, location of home directory, login shell, the Geckos information. The file can be read by standard users.
/etc/shadow: Stores user password information such as expiry date, the password hash…The file cannot be read by standard users.
To view the general user information from the
passwd database, use the
This will list all the users and their account information. If you want to view specific user account information, you can grep the user or simply pass the username as the argument.
getent passwd | grep janedoe
getent passwd janedoe
letter x is a placeholder for user’s encrypted password which is stored in shadow file.
|This field should contain general user information (GECOS) such as real name (Jane Doe), phone number, location
|This is the home directory for the user
|This is the shell assigned to the user
To view user’s password information, you can similarly read from the
shadow database using the getent command.
getent shadow janedow
two exclamation marks (!!): No password set for the account
one exclamation marks (!): shows that the account is locked
an asterisk (*): Indicates that the account doesn’t accept login.
blank: The password has been deleted for the account and thus, you can login without being prompted for the password.
hash: An encrypted password has been set for the account
|Last password change date. Expressed in number of days since 01/01/1970. Value of -1 means the feature is disabled.
|Number of days before password can be changes. 0 shows that password can be changed at any time.
|How long in days after which the password must be changed. 99999 indicates that the account doesn’t expire and hence the password can be kept for as many years.
|Number of warning days before a password expires. This show 7 days
|Number of days an account can stay after it has expired before it is disabled/deactivated completely.
|How long in days, since 01/01/1970 since the account is disabled
And that is how easy it is to create and view user account information in Linux.
The commands that we used in this tutorial, supports other wide number of command line options. Be sure to check the man pages of each individual command to get a comprehensive description of these options.
That marks the end of our guide on how to create user account using useradd/adduser commands in Linux.
- man useradd
- man adduser
- man passwd